Drones are currently one of the most dynamic products, with multiple use cases across sectors such as personal and commercial videography, farming and land surveying, law enforcement and national security, and more. One of the market leaders, China-based Daijiang Innovations (DJI), is often in the news for suspected cybersecurity and data privacy issues.
Security concerns on the DJI GO 4 application are likely founded, especially given the lack of transparency around the application capabilities. The analysis of DJI GO 4 shows similar result to other Chinese applications: obfuscation for hiding functionalities, information gathering including information on the phone, cellular network ID and GPS location of the user or the drone and execution of code without the control of the user (forced updates). Thus, the application should not be used for sensitive purpose.
Read the full analysis by: